Remove unused function cron_get_job_context.

diff --git a/man/cron.8 b/man/cron.8
index c14f23f157f2b8bc94a4486994231701d8965ff6..827e6b32629039a3f3c80d54b002cb9af19f920a 100644 (file)
--- a/man/cron.8
+++ b/man/cron.8
@@ -19,7 +19,7 @@
 .\"
 .\" $Id: cron.8,v 1.8 2004/01/23 19:03:32 vixie Exp $
 .\" 
-.TH CRON "8" "26 June 2008" "Linux Programmer's Manual"
+.TH CRON "8" "20 May 2009" "Linux Programmer's Manual"
 .UC 4
 .SH NAME
 cron \- daemon to execute scheduled commands (cronie V1.2)
@@ -112,7 +112,7 @@ On Red Hat systems, crond now supports access control with PAM - see
 .IR pam (8).
 A PAM configuration file for crond is installed in /etc/pam.d/crond.
 crond loads the PAM environment from the pam_env module, but these
-can be overriden by settings in the crontab file.
+can be overriden by settings in the appropriate crontab file.
 .SH "OPTIONS"                                                                                                                 
 .TP                                                                                                                           
 .B "\-m"                                                                                                                      
@@ -153,4 +153,4 @@ This is a limitation of inotify API.
 .IR pam (8)
 .SH AUTHOR
 .nf
-Marcela Mašláňová <mmaslano@redhat.com>
\ No newline at end of file
+Marcela Mašláňová <mmaslano@redhat.com>

diff --git a/src/funcs.h b/src/funcs.h
index c00452f7444d76e17b5ae9d94fab32b16d2be7f0..32d90c222b22510e1a1a8ce143b6467e88523acf 100644 (file)
--- a/src/funcs.h
+++ b/src/funcs.h
@@ -97,8 +97,6 @@ int cron_change_user( struct passwd *pw, char *homedir );
 
 int cron_change_user_permanently( struct passwd *pw );
 
-int cron_get_job_context( user *u, void *scontextp, void *file_contextp, char **envp );
-
 int get_security_context(const char *name, 
                         int crontab_fd, 
                         security_context_t *rcontext, 

diff --git a/src/security.c b/src/security.c
index 5db26ed593cfac44afe737551f8fab3f9b9f05a1..26ede72bc7b6c03b4e15942c4c490d82b990f1c6 100644 (file)
--- a/src/security.c
+++ b/src/security.c
@@ -261,42 +261,6 @@ static int cron_authorize_range
        return 1;
 }
 
-int cron_get_job_context(user *u, void *scontextp, void *file_contextp, char **jobenv) {
-#if WITH_SELINUX
-       char *sroletype;
-
-       if (is_selinux_enabled() <= 0)
-               return 0;
-       if ((file_contextp == 0) || (scontextp == 0L))
-               return -1;
-
-       *((security_context_t*)scontextp) = u->scontext;
-       *((void **)file_contextp) = 0L;
-
-       if ((sroletype = env_get("SELINUX_ROLE_TYPE",jobenv)) != 0L) {
-               *((security_context_t*)scontextp) = (security_context_t) sroletype;
-               
-               char crontab[MAX_FNAME];
-               if (strcmp(u->name,"*system*") == 0)
-                       strncpy(crontab, u->tabname, MAX_FNAME);
-               else
-                       snprintf(crontab, MAX_FNAME, "%s/%s", CRONDIR, u->tabname);
-
-               if (getfilecon( crontab, file_contextp ) == -1) {
-                       if (security_getenforce() > 0) { 
-                               log_it(u->name, getpid(), "getfilecon FAILED for SELINUX_ROLE_TYPE", 
-                                      sroletype, 0);
-                               return -1;
-                       } else if (access( crontab, F_OK ) == 0)
-                               log_it(u->name, getpid(), 
-                                       "getfilecon FAILED but SELinux in permissive mode, continuing "
-                                   "- SELINUX_ROLE_TYPE", sroletype, 0);
-               }
-       }
-#endif
-       return 0;
-}
-
 #if WITH_SELINUX
 /* always uses u->scontext as the default process context, then changes the
    level, and retuns it in ucontextp (or NULL otherwise) */